Grafana Labs reports: When setting up Grafana, there is an option to enable JWT authentication. Enabling this will allow users to authenticate towards the Grafana instance with a special header ...
Continue Reading
May 01, 2023
A flaw was found in HashiCorp Consul, where it is vulnerable to a denial of service caused by improper input validation for the node or segment names. By sending a specially-crafted request, a remote, ...
Continue Reading
May 01, 2023
Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to versions 1.26.0, 1.25.3, 1.24.4, 1.23.6, and 1.22.9, the OAuth filter assumes that a `state` query param ...
Continue Reading
May 01, 2023
A flaw was found in Envoy. If Envoy is running with the OAuth filter enabled, a malicious actor could construct a request which would cause denial of service, crashing Envoy.Read More ...
Continue Reading
May 01, 2023
> **April 2023 update** â Microsoft Threat Intelligence has shifted to a new threat actor naming taxonomy aligned around the theme of weather. **MERCURY** is now tracked as **Mango Sandstorm** ...
Continue Reading
May 01, 2023
> **April 2023 update** â Microsoft Threat Intelligence has shifted to a new threat actor naming taxonomy aligned around the theme of weather. **MERCURY** is now tracked as **Mango Sandstorm** ...
Continue Reading
May 01, 2023
# Description If you visit https://nuxt.com, you will find hardcoded Github token in the source code of the page - `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`. This token has access to multiple reposit ...
Continue Reading
May 01, 2023
Back to Main
